You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@storm.apache.org by pa...@apache.org on 2015/04/10 00:56:38 UTC
[2/7] storm git commit: Merge remote-tracking branch
'upstream/master' into STORM-749
Merge remote-tracking branch 'upstream/master' into STORM-749
Conflicts:
STORM-UI-REST-API.md
Project: http://git-wip-us.apache.org/repos/asf/storm/repo
Commit: http://git-wip-us.apache.org/repos/asf/storm/commit/d67e16b5
Tree: http://git-wip-us.apache.org/repos/asf/storm/tree/d67e16b5
Diff: http://git-wip-us.apache.org/repos/asf/storm/diff/d67e16b5
Branch: refs/heads/master
Commit: d67e16b5deaee27078aab85d5060014191410942
Parents: bebf11a 2aaa718
Author: Parth Brahmbhatt <br...@gmail.com>
Authored: Thu Apr 2 18:15:05 2015 -0700
Committer: Parth Brahmbhatt <br...@gmail.com>
Committed: Thu Apr 2 18:15:05 2015 -0700
----------------------------------------------------------------------
CHANGELOG.md | 4 ++
README.markdown | 1 +
STORM-UI-REST-API.md | 31 ++++++++++
.../src/jvm/storm/kafka/KafkaUtils.java | 16 ++---
storm-core/src/clj/backtype/storm/ui/core.clj | 62 +++++++++++++++++++-
.../src/clj/backtype/storm/ui/helpers.clj | 15 ++++-
storm-core/src/jvm/backtype/storm/Config.java | 6 ++
.../jvm/backtype/storm/utils/NimbusClient.java | 7 +++
8 files changed, 130 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/storm/blob/d67e16b5/STORM-UI-REST-API.md
----------------------------------------------------------------------
diff --cc STORM-UI-REST-API.md
index 1a98b7d,808344b..d09449a
--- a/STORM-UI-REST-API.md
+++ b/STORM-UI-REST-API.md
@@@ -574,8 -579,74 +574,39 @@@ Sample response
}
```
-### /api/v1/token (GET)
-
-Returns a anti forgery token to use in POST calls
-
-Response fields:
-
-|Field |Value |Description|
-|antiForgeryToken| String | CSRF token|
-
-Sample response:
-
-```json
-{
- "antiForgeryToken": "Dygf1UHQF7qL0syKLTKEGSX5y0rZhhQTxS2f/WWwI2PhN1zmRdh8MQ1KTd5CXRmjMVmAJ43eklqYmvD5"
-}
-```
-
-
## POST Operations
-### Cross site request forgery (CSRF) prevention in POST requests
-
-In order to prevent CSRF vulnerability, the REST API uses a CSRF token. This is primarily done for the UI, however we
-do not have alternative APIs/paths for UI and non-UI clients.
-
-The token is generated during the `/api/v1/topology/:id` (GET) request. The JSON response for this GET request contains
-a field called "antiForgeryToken". All the post requests below must include a header "x-csrf-token" with the value of
-"antiForgeryToken" from the GET response. In absence of this header with the right token value you will get following
-error response:
-
-```
-{
- "error" : "Forbidden action.",
- "errorMessage" : "missing CSRF token."
-}
-```
+
+ ### /api/v1/uploadTopology (POST)
+
+ uploads a topology.
+
+
+ |Parameter |Value |Description |
+ |----------|--------|-------------|
+ |topologyConfig |String (required)| topology json config |
+ |topologyJar |String (required)| topology jar file |
+
+ Sample topologyConfig json:
+ ```json
+ {"topologyMainClass": "storm.starter.WordCountTopology", "topologyMainClassArgs": ["wordcount1"]}
+ ```
+
+ Examples:
+
+ ```no-highlight
+ curl -i -b ~/cookiejar.txt -c ~/cookiejar.txt -X POST
--H 'x-csrf-token: ycit8Wi89ZdAOo9KKaka/Pvd0vnx8TZzP8xSDDSw8J8bTfyn4jz38VN4Xcb7CF6xigRzDLaGVHbrSj80'
+ -F topologyConfig='{"topologyMainClass": "storm.starter.WordCountTopology", "topologyMainClassArgs": ["wordcount1"]}'
+ -F topologyJar=@examples/storm-starter/storm-starter-topologies-0.10.0-SNAPSHOT.jar
+ http://localhost:8080/api/v1/uploadTopology
+ ```
+
+ Sample Response:
+
+ ```json
+ {"status":"success"}
+ ```
+
### /api/v1/topology/:id/activate (POST)
Activates a topology.
http://git-wip-us.apache.org/repos/asf/storm/blob/d67e16b5/storm-core/src/clj/backtype/storm/ui/core.clj
----------------------------------------------------------------------
diff --cc storm-core/src/clj/backtype/storm/ui/core.clj
index 7a475ad,ab2b2d9..bbf7b18
--- a/storm-core/src/clj/backtype/storm/ui/core.clj
+++ b/storm-core/src/clj/backtype/storm/ui/core.clj
@@@ -1004,7 -1063,13 +1059,8 @@@
(def app
(handler/site (-> main-routes
(wrap-json-params)
+ (wrap-multipart-params)
(wrap-reload '[backtype.storm.ui.core])
- (wrap-anti-forgery {:error-response csrf-error-response})
catch-errors)))
(defn start-server!